Thought I'd comment about vpn; I've just started using one which means my internet traffic is being encrypted to some extent. Fairly seamless and performance impact seems neglible on my iPad.

Just wondering how it flows: So i assume the encryption is between my device and the vpn server*. It must get encrypted on my device and then decrypted at the vpn server end for forwarding on to the target website. So i guess its not encrypted from the vpn server to the target website, but if anyone knows exactly how that works please tell me!

*using certificates

__________________*** To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.Please note: any advertising within this post has been placed there by the site owner and NOT by me!
Why not avoid the ads by joining the 'Zone today? The site is mostly ad free for members!***

I'm not a network person, but the way it was describe to me is as follows.

The decryption is done at the other end.
Allowing a server in the middle to decrypt would defeat the purpose.

In the old days a company could lease a direct line. Literally a cable that
ran from one point to another. Your communications were secure. No one
else would be on that line. However with the internet, your packets of
information can flow all around. No telling which path it will take next.
Could be some very bad guys on a middle server...dumping the info.

It is called a VPN (virtual Private network)... because it is virtual...
There is no real fixed network instead it uses the internet.
It is called Private because it is encrypted. It is encrypted before flows through the dangerous internet. It is decrypted on the other side.

This is often called "Tunneling" .... You see the info decrypted...
it gets encrypted....tunnels through the dangerous servers... comes out the other side and they decrypt the info.

Thanks but I think we need help from a vpn expert, cos after some further reading today, what i *think* happens is that the messages (i.e. packets) are encrypted between my device and the vpn server, but once it exits their service its in the clear again. Has to be that way because theres no way for the destination site to decrypt the message, (unless they have the necessary protocol/certificates, software, etc.).

I'd like to inderstand further; what about my ISP email- does it travel over the tunnel? I assume not. Ditto for when i browse my isp's server, what happens?

Basically anyone at my isp end would have no way of reading/sniffing the packets, which provides some privacy benefit. Logs would all be just encrypted data.

The other issue would be governance at the vpn end, they need to be on top of who accesses my data as it transits over their network, especially once decrypyed, and what about government back doors?

__________________*** To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.Please note: any advertising within this post has been placed there by the site owner and NOT by me!
Why not avoid the ads by joining the 'Zone today? The site is mostly ad free for members!***

I, personally, run a VPN hardware firewall from my home. It is a cheap solution that provides end-to-end (or point-to-point) encryption.

You create an encrypted connection to the end point (e.g. such as a proxy). Any communications (e.g. traffic) between these two points ARE ENCRYPTED. As in my case, communications are encrypted via hardware... The depth of this encryption depends on my hardware capabilities, but my VPN connections are "at least" 256 bit minimum encryption.

I'm using a software vpn which provides 256 bit encryption.
But i'm having trouble understanding the data flows between my devices and the vpns service. Never really thought about it before.
For example, I connect to my ISP's network to send and receive email via their hosted email service, but how can my data travel over the tunnel in that case?

__________________*** To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.Please note: any advertising within this post has been placed there by the site owner and NOT by me!
Why not avoid the ads by joining the 'Zone today? The site is mostly ad free for members!***